Real Party in Interest

The real party in interest is BlueArc Corporation, the assignee of record.

Related Appeals and Interferences

Appellants' legal representative is not aware of any other appeals or interferences 
which will directly affect, or be directly affected by, or have a bearing on, the Board's 
decision in the present appeal. 

Status of Claims

Claims 1-33 are pending in the application, and stand rejected under 35 U.S.C.
102(e) as being unpatentable over U.S. Patent No. 6,457,130 (Hitz).

The appeal, noticed August 3, 2006, is with respect to the rejected claims, claims
1-33.

Claim 29 is being withdrawn from consideration. Therefore, claims 1-28 and 30-33
remain under appeal.

Status of Amendments

As understood by Appellants, Appellants' amendments dated September 25, 2005
and June 20, 2006 were entered and considered by the Examiner.

Summary of Claimed Subject Matter

The present application relates to managing file security attributes in a computer 
file storage system supporting at least two file security models. A file is stored using a 
first file security model (e.g., UNIX). A client using a second file security model (e.g., 
Windows) accesses the file. A set of file security attributes in accordance with the 
second file security model is generated. The set of file security attributes includes a 
plurality of security identifiers (SID), including at least an owner SID and a group SID, 
that are derived from corresponding identifiers associated with the file in accordance with 
the first file security model. When the system is unable to map an identifier from the first 
file security model to an identifier for the second file security model, the generated SID 
includes both a map failure indicator and the corresponding identifier from the first set of 
file security attributes, such that the map failure indicator indicates that the identifier 
relates to the first file security model rather than to the second file security model. The 
map failure indicator therefore allows information about the map failure to be conveyed 
in the SID. 

Independent claims 1, 16, and 31 clearly require a security identifier that includes
separate map failure indicator and identifier components. Specifically, the claims 
expressly require "at least one map failure indicator" AND a "corresponding identifier." 
The description clearly shows that the SID includes separate map failure indicator and 
identifier components. In fact, all of the exemplary embodiments described in the 
specification clearly include a distinct map failure indicator in addition to the identifier 
(e.g., a distinct UNIX-specific authority identifier along with the UNIX identifier in 
exemplary UNIX-specific SIDs shown at page 8, line 19 and page 19, line 15, and a 
distinct UNIX-specific indicator along with a UNIX identifier as qualifiers to a
well-known authority identifier value in an alternative embodiment described at page 19,
lines 25-28). Thus, the claims unequivocally require two separate and distinct components,
namely a map failure indicator and an identifier. 
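
The mapping summarized above, together with the SID-to-text translation of claims 9 and 31 and the owner/group check of claims 13 and 14, is sketched below as an added example; it is not code from the application or from Hitz. The authority value 99, the owner/group indicator values, the domain sub-authorities and the lookup tables are all constructed assumptions, since the page gives no concrete encoding.

```python
from dataclasses import dataclass

# Assumptions (not from the application): a made-up UNIX-specific authority
# value and owner/group indicator values in the style of claim 2.
UNIX_AUTHORITY = 99
KIND_OWNER, KIND_GROUP = 1, 2


@dataclass(frozen=True)
class Sid:
    authority: int
    subauthorities: tuple

    def __str__(self):
        parts = (self.authority, *self.subauthorities)
        return "S-1-" + "-".join(str(p) for p in parts)

    def unix_identifier(self, kind):
        """Return the carried UNIX id if this is a map-failure SID of `kind`, else None."""
        if self.authority != UNIX_AUTHORITY or len(self.subauthorities) != 2:
            return None
        sid_kind, unix_id = self.subauthorities
        return unix_id if sid_kind == kind else None


# Constructed sample data: id -> UNIX name, UNIX name -> Windows name,
# Windows name -> SID. "bob" has a UNIX name but no Windows mapping.
DOMAIN = (21, 1111, 2222, 3333)
ID_TO_NAME = {KIND_OWNER: {1001: "alice", 1105: "bob"}, KIND_GROUP: {100: "staff"}}
NAME_MAP = {"alice": "CORP\\alice", "staff": "CORP\\Staff"}
WINDOWS_SIDS = {
    "CORP\\alice": Sid(5, DOMAIN + (1105,)),   # RID deliberately equals bob's uid
    "CORP\\Staff": Sid(5, DOMAIN + (513,)),
}


def unix_id_to_sid(unix_id, kind):
    """Map a uid/gid to a Windows SID; on any lookup miss, emit a SID that
    carries both the map failure indicator and the original UNIX identifier."""
    name = ID_TO_NAME[kind].get(unix_id)
    win_name = NAME_MAP.get(name) if name is not None else None
    sid = WINDOWS_SIDS.get(win_name) if win_name is not None else None
    if sid is not None:
        return sid
    return Sid(UNIX_AUTHORITY, (kind, unix_id))


def sid_to_text(sid):
    """Translate a SID into a display string that includes the UNIX identifier
    when the SID is a map-failure SID."""
    for kind, label in ((KIND_OWNER, "UNIX user"), (KIND_GROUP, "UNIX group")):
        unix_id = sid.unix_identifier(kind)
        if unix_id is not None:
            name = ID_TO_NAME[kind].get(unix_id)
            return f"{label} {unix_id}" + (f" ({name})" if name else "")
    for win_name, known in WINDOWS_SIDS.items():
        if known == sid:
            return win_name
    return str(sid)


def unix_session_matches(sid, kind, session_id):
    """Access check for a UNIX client: match only when the SID is flagged as
    carrying a UNIX identifier of the right kind, never on a Windows RID."""
    unix_id = sid.unix_identifier(kind)
    return unix_id is not None and unix_id == session_id
```

Because the indicator sits in the authority and first sub-authority, a Windows RID that happens to equal a UNIX uid (1105 in the sample data) is never mistaken for that uid.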

Independent claim 30 is directed to a method for generating, from a first set of file 
permissions in accordance with a first file security model, a second set of file permissions 
in accordance with a second file security model (see, for example, page 12, line 23 
through page 15, line 19 and FIG. 4 of the application). The method involves translating
the first set of file permissions into the second set of file permissions, the second set of 
file permissions defining owner permissions, group permissions, and everyone 
permissions (see, for example, block 404 of FIG. 4 and page 12, line 23 through page 13, 
line 10); removing any rights from the owner that the owner would be granted implicitly 
but are not granted to either the group or to everyone (see, for example, block 406 of FIG. 
4 and page 13, lines 16-18); adding any rights that need to be explicitly denied to the 
owner and to the group (see, for example, block 408 of FIG. 4 and page 13, line 18 
through page 14, line 2); producing a set of access control elements ordered 
hierarchically (see, for example, block 410 of FIG. 4 and page 14, lines 4-18); and 
removing any redundant permissions from the access control elements (see, for example, 
block 414 of FIG. 4 and page 14, line 20 through page 15, line 6). 

Independent claim 29 is being withdrawn from consideration. 

Grounds of Rejection to be Reviewed on Appeal

Are claims 1-28 and 30-33 unpatentable under 35 U.S.C. 102(e) as being 
anticipated by U.S. Patent No. 6,457,130 (Hitz), where Hitz clearly lacks a distinct 
failure indicator? 

Claim 29 is being withdrawn from consideration. 

Argument Pages

Pertinent Chronology 

The subject patent application was filed on August 22, 2003 with 33 claims. 

An Information Disclosure Statement was filed on December 29, 2004 citing, 
among other things, the International Search Report and Written Opinion from the 
corresponding PCT application. Two pages from the International Search Report and 
Written Opinion are included in Appendix II. The relevance of these pages is discussed 
below. 

A first office action issued on June 29, 2005 in which claims 1-33 were rejected 
under 35 U.S.C. 112, second paragraph, as being indefinite due to the inclusion of 
trademarks in the claims and also under 35 U.S.C. 102(e) as being anticipated by U.S. 
Patent No. 6,457,130 (Hitz). 

A response to the first office action was filed on September 25, 2005 in which 
Applicants amended the claims to remove the trademark terms (even though MPEP
608.01(v) permits the use of trademarks that have a fixed and definite meaning, and even
in view of the fact that Hitz's claims actually include trademark terms "Unix" and "NT"). 
Applicants also pointed out that Hitz does not disclose a map failure indicator in addition 
to the identifier, as required by the claims. 

In the Final Office Action of April 3, 2006, Claims 1-33 were again rejected 
under 35 U.S.C. 102(e) as being anticipated by U.S. Patent No. 6,457,130 (Hitz). 

A telephonic interview was held on May 10, 2006 between Supervisory Patent 
Examiner Fritz Fleming, Examiner Harold Kim, and Applicants' Attorneys Bruce 
Sunstein and Jeffrey Klayman regarding the final Office action dated April 3, 2006. 
Specifically, the Hitz reference was discussed in relation to the claimed invention. 
Applicants explained that Hitz describes a mixed Unix/Windows file storage system in 
which Unix file security attributes are mapped to Windows file security attributes when a 
Windows client accesses a Unix file. In Hitz, if a Unix name cannot be mapped to a 
corresponding Windows name, then the Unix name is returned to the Windows client 
(Col. 6, lines 42-48), but Hitz does not include a specific map failure indicator to indicate
that a mapping failure has occurred. 

A response was filed on June 2, 2006 in which the Applicants explained that the 
claims of the subject patent application require BOTH a map failure indicator AND a 
corresponding identifier to be returned in the SID (specifically, "at least one map failure 
indicator AND the corresponding identifier from the first set of file security attributes,"
emphasis added). The map failure indicator and the identifier are clearly two distinct
components. As expressed in the claims, the map failure indicator indicates that the 
identifier relates to the first security model (as opposed to the SID, which relates to the 
second security model). 

Despite the plain wording of the claims and the described embodiments, which 
require both a distinct map failure indicator and a distinct identifier, the Examiner treats 
Hitz's simple identifier as both the map failure indicator and the identifier. Such an 
interpretation reads the word "and" out of the claim (with regard to requiring "at least one 
map failure indicator AND the corresponding identifier from the first set of file security 
attributes"), and also ignores the claim provision requiring that the map failure indicator 
indicate that the identifier relates to the first file security model. While Applicants 
conceded that the prior art shows one of the components - an identifier - there is utterly 
nothing in the prior art to satisfy the other leg of the claim - a map failure indicator. 

An Advisory Action issued June 20, 2006 in which the Examiner essentially 
maintained his former position that the claims are anticipated by Hitz. 

A Notice of Appeal, accompanied by a Pre-Appeal Brief, was filed on August 3,
2006.

A Panel Decision from Pre-Appeal Brief Review, mailed August 15, 2006,
determined that there is at least one actual issue for appeal.

Thus, claims 1-33 remain pending and stand rejected.

Argument

It is well settled that a claim is invalid as anticipated under 35 U.S.C. § 102 only 
if a single prior art reference discloses either expressly or inherently, each limitation of 
the claim. In re Cruciferous Sprout Litigation, 301 F.3d 1343, 64 U.S.P.Q. 2d 1202 (Fed. 
Cir. 2002). Hitz simply does not disclose each and every limitation of the claim. 

Independent claims 1, 16, and 31 clearly require a security identifier (SID) that
includes separate map failure indicator and identifier components. Specifically, the 
claims expressly require "at least one map failure indicator AND the corresponding 
identifier from the first set of file security attributes" (emphasis added) or the like, and 
the description clearly shows that the SID includes separate map failure indicator and 
identifier components. In addition to ample support in the description for separate and 
distinct map failure indicator and identifier components (e.g., at page 8, line 19; page 19, 
line 15; and page 19, lines 25-28), Appellants note that the Examiner who prepared the 
International Search Report and Written Opinion for the corresponding PCT application 
(two pages of which are reproduced in Appendix II) clearly recognized that the map 
failure indicator and the corresponding identifier are two distinct components; in 
concluding that the claims meet novelty and inventive step requirements (with regard to 
the Allison reference), the Examiner stated that "the prior art does not disclose or suggest 
the specifically claimed SID including the UNIX-specific indicator and the corresponding 
UNIX identifier." Thus, it is clear that the claims unequivocally require two separate and 
distinct components, namely a map failure indicator and an identifier. U.S. Patent No. 
6,457,130 (Hitz) generates a SID including only the identifier, and therefore fails to 
disclose separate and distinct map failure indicator and identifier components. 

Furthermore, the claims expressly require that the map failure indicator indicate 
that the identifier relates to the first file security model, and this limitation is neither 
disclosed nor suggested by Hitz. As discussed in Hitz, UNIX user names and NT user 
names are merely alphanumeric strings (see, for example, Hitz column 6, lines 42-45), so 
there is nothing inherent in a user name to indicate the file security model to which it 
relates. In fact, the UNIX user names and NT user names are essentially fungible in that 
a UNIX user name can be used as an NT user name (see, for example, Hitz column 6, 
lines 45-48) and an NT user name can be used as a UNIX user name (see, for example, 
Hitz column 7, lines 61-64). The Examiner argues that Hitz's identifier acts as both
the map failure indicator and the identifier. In fact, Hitz's identifier provides no 
indication of file security model in and of (and for) itself, and therefore Hitz's identifier 
cannot possibly act as the map failure indicator. Rather, as discussed and claimed in the 
subject patent application, a separate and distinct map failure indicator is used to indicate 
that the identifier relates to the first file security model. Hitz clearly lacks anything that 
can be considered a map failure indicator to indicate that the identifier relates to the first 
file security model. 

It is clear, then, that Hitz fails to expressly or inherently disclose or suggest a map 
failure indicator as claimed. Hitz certainly does not disclose a map failure indicator that 
is separate and distinct from the identifier. Furthermore, Hitz's UNIX identifier simply 
cannot be both the map failure indicator and the identifier, as suggested by the Examiner, 
because the identifier does not indicate the file security model to which it relates. The 
fact that Hitz uses the UNIX user name as the NT user name is merely a result of a map 
failure; it does not indicate that a map failure has occurred (e.g., just because a person is 
sick does not mean that the doctor has been called). There is simply nothing in Hitz to 
indicate that a map failure has occurred. 

For the reasons stated above, claims 1-28 and 31-33 are patentable over Hitz. 

With regard to claims 15 and 30, the Examiner points to column 10, lines 1-17 of 
Hitz to show that Hitz translates a first set of file permissions into a second set of file 
permissions defining owner permissions, group permissions, and everybody permissions, 
as in claims 15 and 30. Such a translation, however, is merely one element of the 
methods defined in claims 15 and 30. These claims further require removing any rights 
from the owner that the owner would be granted implicitly but are not granted to either 
the group or to everyone; adding any rights that need to be explicitly denied to the owner 
and to the group; producing a set of access control elements ordered hierarchically; and 
removing any redundant permissions from the access control elements. The Examiner 
does not address these additional claim elements on any level. Furthermore, a close 
reading of Hitz, specifically column 10, lines 1-17, shows that Hitz does not teach or 
otherwise suggest such additional claim elements. 

Thus, claim 30 is patentable over Hitz. 

Conclusion

For the foregoing reasons, Applicant submits that claims 1-28 and 30-33 are 
allowable over the art of record and a decision of the Board to that effect is respectfully 
solicited. 

Date: October 3, 2006

Respectfully submitted,

Jeffrey T. Klayman
Registration No. 39,250
Attorney for Applicant

Bromberg & Sunstein LLP
125 Summer Street
Boston, MA 02110-1618
Ph.: (617) 443-9292
Fax: (617) 443-0004

02337/00107 547935.1

Appendix I: Claims Appendix

Claim 1 (previously presented): A method for managing file security attributes by a 
file server in a computer file storage system, the computer file storage system including a 
file secured using a first file security model, the method comprising: 

receiving a first request from a client relating to the file stored in the computer file 
storage system, the client utilizing a second file security model; 

retrieving a first set of file security attributes, in accordance with the first file 
security model, associated with the file, the first set of file security attributes including at 
least an owner identifier and a group identifier; and 

generating a second set of file security attributes, in accordance with the second 
file security model, from the first set of file security attributes, the second set of file 
security attributes including a plurality of security identifiers (SID) including at least an 
owner SID derived from the owner identifier and a group SID derived from the group 
identifier, wherein at least one of the owner SID and the group SID includes at least one 
map failure indicator and the corresponding identifier from the first set of file security 
attributes, wherein the map failure indicator indicates that said identifier relates to the 
first file security model. 

Claim 2 (previously presented): A method according to claim 1, wherein the at least 
one map failure indicator includes an authority identifier, specific to the first file security 
model, and an owner/group indicator having a first value to indicate that the identifier is 
the owner identifier from the first set of security attributes, and a second value to indicate
that the identifier is the group identifier from the first set of security attributes. 

Claim 3 (previously presented): A method according to claim 1, wherein the at least 
one map failure indicator includes an authority identifier, specific to the first file security 
model, having a first value to indicate that the identifier is the owner identifier from the 
first set of file security attributes and a second value to indicate that the identifier is the 
group identifier from the first set of file security attributes. 

Claim 4 (previously presented): A method according to claim 1, wherein generating 
the second set of file security attributes from the first set of file security attributes 
comprises: 

attempting to map each identifier from the first set of file security attributes to a 
corresponding identifier from the second set of file security attributes; and 

generating, for each identifier from the first set of file security attributes that 
cannot be mapped to a corresponding identifier from the second set of file security 
attributes, the SID including the at least one map failure indicator and the corresponding 
identifier from the first set of file security attributes. 

Claim 5 (previously presented): A method according to claim 4, wherein attempting 
to map each identifier from the first set of file security attributes to a corresponding 
identifier from the second set of file security attributes comprises: 

maintaining a table mapping a first set of names in accordance with the first file
security model to a second set of names in accordance with the second file security 
model; 

determining a name from the first set of names corresponding to the identifier 
from the first set of file security attributes; and 

searching the table for a name from the second set of names corresponding to the 
name from the first set of names. 

Claim 6 (previously presented): A method according to claim 5, wherein 
determining a name from the first set of names corresponding to the identifier from the 
first set of file security attributes comprises: 

maintaining a cache mapping identifiers from the first set of file security attributes 
to names in the first set of names; and 

searching the cache for a name from the first set of names corresponding to the 
identifier from the first set of file security attributes. 

Claim 7 (previously presented): A method according to claim 5, wherein 
determining a name from the first set of names corresponding to the identifier from the 
first set of file security attributes comprises: 

sending the identifier from the first set of file security attributes over a 
communication link to a NIS server; and 

receiving the name from the first set of names over the communication link from 
the NIS server. 

Claim 8 (previously presented): A method according to claim 1, further comprising:

transmitting the second set of file security attributes to the client in a response to
the first request.

Claim 9 (previously presented): A method according to claim 8, further comprising:

receiving a second request from the client utilizing the second file security model
including at least one of said SIDs including at least one map failure indicator and the
corresponding identifier from the first set of file security attributes;

translating the at least one of said SIDs into a text string; and

transmitting the text string to the client in a response to the second request.

Claim 10 (previously presented): A method according to claim 9, wherein the text 
string includes a representation of the identifier from the SID. 

Claim 11 (previously presented): A method according to claim 1, wherein the first set
of file security attributes includes a first set of file permissions, in accordance with the 
first file security model, and wherein generating the second set of file security attributes 
from the first set of file security attributes further comprises: 

generating a second set of file permissions, in accordance with the second file 
security model, from the first set of file permissions. 

Claim 12 (previously presented): A method according to claim 11, wherein the
request comprises at least one requested change to the security attributes of the file, and 
wherein the method further comprises: 

applying the requested security attribute changes to the second set of file security 
attributes to create a modified set of file security attributes in accordance with the second 
file security model; and 

writing the modified set of file security attributes to the file, said writing 
effectively changing the security model of the file from the first file security model to the 
second file security model. 

Claim 13 (previously presented): A method according to claim 12, further 
comprising: 

receiving a second request from a client utilizing the first file security model 
relating to the file, the second request associated with a session, the session having a 
session owner and a session group; 

retrieving the modified set of file security attributes for the file; and

providing the client with owner access to the file, if the owner SID in the
modified set of file security attributes includes an owner identifier in accordance with the 
first file security model and the session owner matches the owner identifier in the owner 
SID. 

Claim 14 (previously presented): A method according to claim 12, further 
comprising: 




Appl. No. 10/646,365 

Appeal Brief dated October 3, 2006 

receiving a second request from a client utilizing the first file security model 
relating to the file, the second request associated with a session, the session having a 
session owner and a session group; 

retrieving the modified set of file security attributes for the file; and

providing the client with group access to the file, if the group SID in the modified
set of file security attributes includes a group identifier in accordance with the first file 
security model and the session group matches the group identifier in the group SID. 

Claim 15 (previously presented): A method according to claim 11, wherein 
generating the second set of file permissions from the first set of file permissions 
comprises: 

translating the first set of file permissions into a second set of file permissions, the 
second set of file permissions defining owner permissions, group permissions, and 
everyone permissions; 

removing any rights from the owner that the owner would be granted implicitly 
but are not granted to either the group or to everyone; 

adding any rights that need to be explicitly denied to the owner and to the group; 

producing a set of access control elements ordered hierarchically; and 

removing any redundant permissions from the access control elements. 

Claim 16 (previously presented): An apparatus for managing file security attributes in 
a computer file storage system, the computer file storage system including a file secured 
using a first file security model, the file associated with a first set of file security
attributes including an owner identifier and a group identifier, the apparatus comprising: 

a network interface for communicating with clients over a communication 
network; 

a storage interface for communicating with a file storage device; and

file security logic operating between the network interface and the storage
interface for managing file security attributes, the file security logic including logic for
generating a second set of file security attributes, in accordance with a second file 
security model, from the first set of file security attributes, the second set of file security 
attributes including at least an owner SID derived from the owner identifier and a group 
SID derived from the group identifier, wherein at least one of the owner SID and the 
group SID includes at least one map failure indicator and the corresponding identifier 
from the first set of file security attributes, wherein the map failure indicator indicates 
that said identifier relates to the first file security model. 

Claim 17 (previously presented): An apparatus according to claim 16, wherein the at 
least one map failure indicator includes an authority identifier, specific to the first 
security model, and an owner/group indicator having a first value to indicate that the 
identifier is the owner identifier from the first set of file security attributes and a second 
value to indicate that the identifier is the group identifier from the first set of file security 
attributes. 

Claim 18 (previously presented): An apparatus according to claim 16, wherein the at
least one map failure indicator includes an authority identifier, specific to the first file 
security model, having a first value to indicate that the identifier is the owner identifier 
from the first set of file security attributes and a second value to indicate that the 
identifier is the group identifier from the first set of file security attributes. 


Claim 19 (previously presented): An apparatus according to claim 16, wherein the 
file security logic comprises: 

logic for mapping each identifier from the first set of file security attributes to a 
corresponding identifier from the second set of file security attributes; and 

logic for generating, for each identifier from the first set of file security attributes 
that cannot be mapped to a corresponding identifier from the second set of file security 
attributes, the SID including the at least one map failure indicator and the corresponding 
identifier from the first set of file security attributes. 

Claim 20 (previously presented): An apparatus according to claim 19, further 
comprising a table mapping a first set of names, in accordance with the first file security 
model, to a second set of names, in accordance with the second file security model, the 
file security logic determining a name from the first set of names corresponding to the 
identifier from the first set of file security attributes and searching the table for a name 
from the second set of names corresponding to the name from the first set of names for 
mapping each identifier from the first set of file security attributes to a corresponding 
identifier from the second set of file security attributes. 

Claim 21 (previously presented): An apparatus according to claim 20, further
comprising a cache mapping identifiers from the first set of file security attributes to 
names in the first set of names, the file security logic searching the cache for a name from 
the first set of names corresponding to the identifier from the first set of file security 
attributes for determining a name from the first set of names corresponding to the 
identifier from the first set of file security attributes. 

Claim 22 (previously presented): An apparatus according to claim 20, wherein the
file security logic sends the identifier from the first set of file security attributes over a 
communication link to a NIS server for determining a name from the first set of names 
corresponding to the identifier from the first set of file security attributes. 

Claim 23 (original): An apparatus according to claim 16, wherein the file security logic 
further comprises: 

logic for translating the at least one of said SIDs into a text string. 

Claim 24 (previously presented): An apparatus according to claim 23, wherein the 
text string includes a representation of the identifier from the SID. 

Claim 25 (previously presented): A method according to claim 16, wherein the first 
set of file security attributes includes a first set of file permissions, in accordance with the 
first file security model, and wherein the file security logic further comprises: 

logic for generating a second set of file permissions, in accordance with the
second file security model, from the first set of file permissions. 

Claim 26 (previously presented): An apparatus according to claim 25, wherein the 
file security logic includes logic for receiving a request from a client utilizing the second 
file security model, to modify file security attributes, applying the requested 
modifications to the second set of file permissions to create a modified set of file security 
attributes in accordance with the second file security model, and writing the modified set 
of file permissions to the storage device so as to effectively change the security model of 
the file from the first file security model to the second file security model. 

Claim 27 (previously presented): An apparatus according to claim 25, wherein the 
file security logic includes logic for controlling access to the file using the second set of 
file permissions. 

Claim 28 (previously presented): An apparatus according to claim 25, wherein the 
file security logic includes logic for translating the first set of file permissions into the
second set of file permissions, the second set of file permissions defining owner 
permissions, group permissions, and everyone permissions; removing any rights from the 
owner that the owner would be granted implicitly but are not granted to either the group 
or to everyone; adding any rights that need to be explicitly denied to the owner and to the 
group; producing a set of access control elements ordered hierarchically; and removing 
any redundant permissions from the access control elements. 

Claim 29 (currently withdrawn from consideration): An apparatus for managing file
security attributes in a computer file storage system, the apparatus comprising: 

means for translating an owner identifier in accordance with a first file security 
model into an owner SID, compatible with a second file security model; 

means for translating a group identifier in accordance with a first file security 
model into a group SID, compatible with the second file security model; and 

means for translating file access permissions, in accordance with a first file 
security model, into an access control list, compatible with the second file security model. 

Claim 30 (previously presented): A method for generating, from a first set of file 
permissions in accordance with a first file security model, a second set of file permissions 
in accordance with a second file security model, the method comprising: 

translating the first set of file permissions into the second set of file permissions, 
the second set of file permissions defining owner permissions, group permissions, and 
everyone permissions; 

removing any rights from the owner that the owner would be granted implicitly 
but are not granted to either the group or to everyone; 

adding any rights that need to be explicitly denied to the owner and to the group; 

producing a set of access control elements ordered hierarchically; and 

removing any redundant permissions from the access control elements. 

Claim 31 (previously presented): A method comprising: 

receiving a security identifier (SID) including at least one map failure indicator 
and a corresponding identifier in accordance with a first file security model; and 

translating the SID into a text string. 

Claim 32 (previously presented): A method according to claim 31, wherein the text 
string includes a representation of the identifier from the SID. 

Claim 33 (previously presented): A method according to claim 31, wherein 
translating the SID into a text string comprises: 

transmitting a request to a translator over a communication network, the request 
including at least the identifier from the SID. 






Appl.No. 10/646,365 

Appeal Brief dated October 3, 2006 



Appendix II: Evidence Appendix 



WRITTEN OPINION OF THE INTERNATIONAL SEARCHING AUTHORITY (SEPARATE SHEET) 
International application No. PCT/US20Q4W7S45 

Group 2: Claim 30: 

Group 2 solves the objectively determined problem of how to generate a Windows ACL 
from UNIX file permissions. This problem is solved by the method steps of claim 30. 

These groups of inventions address entirely different technical problems and as such 
can be implemented independently of each other. 

Hence, the application relates to a plurality of inventions, or groups of inventions, in the 
sense of Rule 13.1 PCT. 

In the opinion of this International Examining Authority Group 1 appears to relate to the 
main invention. 



Re Item V 

Reasoned statement with regard to novelty, inventive step or industrial 
applicability; citations and explanations supporting such statement 

Reference is made to the following documents: 

D1: BRIDGET ALLISON ET AL: "File System Security: Secure Network Data 
Sharing for NT and UNIX" USENIX, [Online] 5 August 1998 (1998-08-05), 
pages 1-13, XPO0230B9Cra USA Retrieved from the Internet: 
URL^lj^wv^ bftry/piljoc^ilgs^sa- 
nt98/fuli4>apefE/al lisofWaJllaofvp*fl> [retrieved on 2004-11-22] 

D2: US-fl^S 4401291 (DEFOREST MILES A ET AL) 3 September 2002 (2002- 

D3: US 2002/112045 A1 (TYAGI VIKAS ET AL) 15 August 2002 (2002-08-15) 



1. Independent claims 1, 16 and 31. 

Document D1, which is considered to represent the most relevant state of the art, 
discloses (see par. 1 to 3 and par. 8 to 10) a method for managing file security 
attributes by a file server from which the subject-matter of claim 1 differs in that the 
owner (group) SID includes an UNIX-specific indicator and the corresponding UNIX 
identifier. 

The subject-matter of claim 1 is therefore new (Article 33(2) PCT). 

The problem to be solved by the present invention may be regarded as how to ensure 
that a Windows client accessing a UNIX-secured file of a file server receives from said 
file server a proper security descriptor for said accessed 

The solution to this problem proposed in claim 1 of the present application is 
considered as involving an inventive step (Article 33(3) PCT) since the prior art does 
not disclose or suggest the specifically claimed SID including the UNIX-specific 
indicator and the corresponding UNIX identifier. 

The apparatus described in claim 16 corresponds to the method disclosed in claim 1. 
As a consequence the above statements apply also for claim 16. 

The method of claim 31 is also new and inventive since the subject-matter describes 
inter alia the SID including the UNIX-specific indicator and the corresponding UNIX 
identifier, a feature that is not disclosed or suggested in the prior art. 



2. Dependent claims 2-15, 17-23, 32 and 33. 

Claims 2-15, 17-28, 32 and 33 are dependent on claims 1, 16 and respectively 31 and 
as such also meet the requirements of the PCT with respect to novelty and inventive 
step. 

3. Independent claim 30. 

Document D1, which is considered to represent the most relevant state of the art, 
discloses (see par. 1 to 3 and par. 8 to 10) a method for generating a set of Windows 
file permissions from a set of UNIX file permissions from which the subject-matter of 
claim 30 differs in the steps of removing any rights from the owner that the owner would 
be granted implicitly but are not granted to either the group or to everyone; adding any 
rights that need to be explicitly denied to the owner and to the group; producing a set of 

Appendix III: Related Proceedings Appendix 



None. 